---
title: MCP Tool Validation
date: 2025-04-10
description: Learn how to configure content validation for Model Context
  Protocol (MCP) tools in GenAI Script.
tags:
  - mcp
  - validation
  - tools
cover:
  alt: An 8-bit style corporate-tech illustration featuring a glowing digital lock
    icon symbolizing security through "tools signature hash" on one side, and a
    scanner emitting wave-like patterns to represent a "content safety scanner"
    on the other. Abstract geometric shapes symbolize interconnected servers and
    tools, all depicted in a muted 5-color palette, creating a clean, structured
    visual. No people or text are present in the image.
  image: ./mcp-tool-validation.png
excerpt: GenAIScript has introduced updates to enhance the security of Model
  Context Protocol (MCP) tools, addressing vulnerabilities like rug pull
  attacks, tool poisoning, and prompt injection. With options for tools
  signature hashing and prompt injection detection via content scanners, these
  features provide reinforced safeguards to maintain integrity across tool
  definitions and outputs. Ensure your configurations are up to date for
  comprehensive protection.

---

import BlogNarration from "../../../components/BlogNarration.astro"

<BlogNarration />

GenAIScript added a few feature to secure Model Context Protocol (MCP) tools and mitigate specific attacks such as rug pull, tool poisoning, or prompt injection.

Starting with `v1.127`, you can configure the following options as [documented here](/genaiscript/reference/scripts/mcp-tools#security):

- tools signature hash to prevent rug pull attacks, where the list of tools is modified without your knowledge.

```js 'toolsSha: "..."'
script({
    mcpServers: {
        playwright: {
            ...,
            toolsSha: "..."
        }
    }
})
```

- prompt injection detect using [content safety scanner](/genaiscript/reference/scripts/content-safety). This will scan both the tools definition file, to prevent **tool poisoning** and every tool output,
  to prevent **prompt injection**.

```js 'detectPromptInjection: "always"'
script({
    mcpServers: {
        playwright: {
            ...,
            detectPromptInjection: "always"
        }
    }
})
```

- in fact, every tool can be instrumented with content safety scanning.

```js 'detectPromptInjection: "always"'
defTool("fetch", "Fetch a URL", { url: { type: "string" }, },
    async args => ..., {
    detectPromptInjection: "always"
})
```

### Are we done?

There are still many other security aspects to consider when using MCP tools, these features are just a few of them.
